* * * READ ME * * * * * * Veritas File System Advanced Features 6.2 * * * * * * Patch 100 * * * Patch Date: 2015-01-30 This document provides the following information: * PATCH NAME * OPERATING SYSTEMS SUPPORTED BY THE PATCH * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * SUMMARY OF INCIDENTS FIXED BY THE PATCH * DETAILS OF INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH PATCH NAME ---------- Veritas File System Advanced Features 6.2 Patch 100 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- RHEL6 x86-64 PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSfsadv BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * Symantec File System 6.2 * Symantec Storage Foundation 6.2 * Symantec Storage Foundation for Oracle RAC 6.2 * Symantec Storage Foundation HA 6.2 SUMMARY OF INCIDENTS FIXED BY THE PATCH --------------------------------------- Patch ID: 6.2.0.100 * 3702445 (3621205) OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. DETAILS OF INCIDENTS FIXED BY THE PATCH --------------------------------------- This patch fixes the following Symantec incidents: Patch ID: 6.2.0.100 * 3702445 (Tracking ID: 3621205) SYMPTOM: OpenSSL common vulnerability exposure (CVE): POODLE and Heartbleed. DESCRIPTION: VRTSfsadv package uses old versions of OpenSSL which are vulnerable to POODLE(CVE-2014-3566) and Hearbleed(CVE-2014-0160). By upgrading to OpenSSL 0.9.8zc, many security vulnerabilities have been fixed. RESOLUTION: The VRTSfsadv package is built with OpenSSL 0.9.8zc.. INSTALLING THE PATCH -------------------- Run the Installer script to automatically install the patch: ----------------------------------------------------------- To install the patch perform the following steps on at least one node in the cluster: 1. Copy the patch fsadv-rhel6_x86_64-6.2.0.100-patches.tar.gz to /tmp 2. Untar fsadv-rhel6_x86_64-6.2.0.100-patches.tar.gz to /tmp/hf # mkdir /tmp/hf # cd /tmp/hf # gunzip /tmp/fsadv-rhel6_x86_64-6.2.0.100-patches.tar.gz # tar xf /tmp/fsadv-rhel6_x86_64-6.2.0.100-patches.tar 3. Install the hotfix # pwd /tmp/hf # ./installVRTSfsadv620P100 [ ...] Install the patch manually: -------------------------- #rpm -Uvh VRTSfsadv-6.2.0.100-RHEL6.x86_64.rpm REMOVING THE PATCH ------------------ #rpm -e rpm_name SPECIAL INSTRUCTIONS -------------------- NONE OTHERS ------ NONE